gnu/services/networking.scm

   1 ;;; GNU Guix --- Functional package management for GNU
   2 ;;; Copyright © 2013, 2014 Ludovic Courtès <ludo@gnu.org>
   3 ;;;
   4 ;;; This file is part of GNU Guix.
   5 ;;;
   6 ;;; GNU Guix is free software; you can redistribute it and/or modify it
   7 ;;; under the terms of the GNU General Public License as published by
   8 ;;; the Free Software Foundation; either version 3 of the License, or (at
   9 ;;; your option) any later version.
  10 ;;;
  11 ;;; GNU Guix is distributed in the hope that it will be useful, but
  12 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
  13 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14 ;;; GNU General Public License for more details.
  15 ;;;
  16 ;;; You should have received a copy of the GNU General Public License
  17 ;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
  18
  19 (define-module (gnu services networking)
  20   #:use-module (gnu services)
  21   #:use-module (gnu system shadow)
  22   #:use-module (gnu packages admin)
  23   #:use-module (gnu packages linux)
  24   #:use-module (gnu packages tor)
  25   #:use-module (guix gexp)
  26   #:use-module (guix monads)
  27   #:export (static-networking-service
  28             tor-service))
  29
  30 ;;; Commentary:
  31 ;;;
  32 ;;; Networking services.
  33 ;;;
  34 ;;; Code:
  35
  36 (define* (static-networking-service interface ip
  37                                     #:key
  38                                     gateway
  39                                     (provision '(networking))
  40                                     (name-servers '())
  41                                     (inetutils inetutils)
  42                                     (net-tools net-tools))
  43   "Return a service that starts @var{interface} with address @var{ip}.  If
  44 @var{gateway} is true, it must be a string specifying the default network
  45 gateway."
  46
  47   ;; TODO: Eventually we should do this using Guile's networking procedures,
  48   ;; like 'configure-qemu-networking' does, but the patch that does this is
  49   ;; not yet in stock Guile.
  50   (with-monad %store-monad
  51     (return
  52      (service
  53
  54       ;; Unless we're providing the loopback interface, wait for udev to be up
  55       ;; and running so that INTERFACE is actually usable.
  56       (requirement (if (memq 'loopback provision)
  57                        '()
  58                        '(udev)))
  59
  60       (documentation
  61        "Bring up the networking interface using a static IP address.")
  62       (provision provision)
  63       (start #~(lambda _
  64                  ;; Return #t if successfully started.
  65                  (and (zero? (system* (string-append #$inetutils
  66                                                      "/bin/ifconfig")
  67                                       "-i" #$interface "-A" #$ip
  68                                       "-i" #$interface "--up"))
  69                       #$(if gateway
  70                             #~(zero? (system* (string-append #$net-tools
  71                                                              "/sbin/route")
  72                                               "add" "-net" "default"
  73                                               "gw" #$gateway))
  74                             #t)
  75                       #$(if (pair? name-servers)
  76                             #~(call-with-output-file "/etc/resolv.conf"
  77                                 (lambda (port)
  78                                   (display
  79                                    "# Generated by 'static-networking-service'.\n"
  80                                    port)
  81                                   (for-each (lambda (server)
  82                                               (format port "nameserver ~a~%"
  83                                                       server))
  84                                             '#$name-servers)))
  85                             #t))))
  86       (stop #~(lambda _
  87                 ;; Return #f is successfully stopped.
  88                 (not (and (system* (string-append #$inetutils "/bin/ifconfig")
  89                                    #$interface "down")
  90                           #$(if gateway
  91                                 #~(system* (string-append #$net-tools
  92                                                           "/sbin/route")
  93                                            "del" "-net" "default")
  94                                 #t)))))
  95       (respawn? #f)))))
  96
  97 (define* (tor-service #:key (tor tor))
  98   "Return a service to run the @uref{https://torproject.org,Tor} daemon.
  99
 100 The daemon runs with the default settings (in particular the default exit
 101 policy) as the @code{tor} unprivileged user."
 102   (mlet %store-monad ((torrc (text-file "torrc" "User tor\n")))
 103     (return
 104      (service
 105       (provision '(tor))
 106
 107       ;; Tor needs at least one network interface to be up, hence the
 108       ;; dependency on 'loopback'.
 109       (requirement '(user-processes loopback))
 110
 111       (start #~(make-forkexec-constructor
 112                 (list (string-append #$tor "/bin/tor") "-f" #$torrc)))
 113       (stop #~(make-kill-destructor))
 114
 115       (user-groups   (list (user-group
 116                             (name "tor")
 117                             (system? #t))))
 118       (user-accounts (list (user-account
 119                             (name "tor")
 120                             (group "tor")
 121                             (system? #t)
 122                             (comment "Tor daemon user")
 123                             (home-directory "/var/empty")
 124                             (shell
 125                              "/run/current-system/profile/sbin/nologin"))))
 126
 127       (documentation "Run the Tor anonymous network overlay.")))))
 128
 129 ;;; networking.scm ends here